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ABSTRACT 



A cipher system is disclosed in which each character of 
a plaintext alphabet has associated with it a randomly 
distributed collection of integers of a given length. This 
collection of integers is secretly shared by a sender and 
receiver pair. The plaintext characters of a message are 
sequentially coded by pseudo-randomly selecting repre- 
sentatives from the integer collections corresponding to 
the plaintext characters. To this sequence of concate- 
nated integers, regarded as a single integer, is added a 
pseudo-random integer of length equal to that of the 
coded-for-message integer string. This pseudo-random 
integer is generated by a pseudo-random number gener- 
ator (The receiver has a corresponding generator.), the 
output of which is initialized by a "seed" integer con- 
cealed in the cryptogram. The summed pseudo-random 
integer plus the coding integer string is transmitted as 
the body of the cryptogram. To decrypt, the receiver 
subtracts the pseudo-random integer from the transmit- 
ted integer, breaks up the remaining integer into the 
blocks numerically coding the plaintext characters and 
retrieves the plaintext characters of the message. Provi- 
sion is made for further obscuring the cryptogram inte- 
ger. 

24 Claims, 5 Drawing Sheets 
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3,911,216 reveals a well known non-linear shift register 
PSEUDO-RANDOM CHOICE CIPHER AND for the same purpose. Further, U.S. Pat. No. 4,202,051 

METHOD describes linear shift register used with a non-linear 

function to generate a pseudo-random second sequence 
FIELD OF THE INVENTION 5 for use in the encrypting process as previously de- 

The present invention relates generally to a comput- scribed, 
ing system and method. Specifically, the present inven- U.S. Pat. No. 4,341,925 describes an encryption pro- 
tion relates to a cipher system and method for encrypt- ccss in whicn the signals of two pseudo-random number 
ing and decrypting computer information. generators are modulo 2-added, and then the resultant 

10 sum is modulo 2-added to a binary digitalized plaintext 
BACKGROUND OF THE INVENTION prior t0 transmission. One of the two original 

A common method of encrypting a plaintext message pseudo-random number sequences is multiplexed with 
starts by substituting integers for plaintext characters the encrypted data stream and transmitted as a synchro- 
according to some standard alphabet such as ITA2, nizing signal. Modulo 2-adding the two pseudo-random 
ITA5, ASCII, or EBCDIC. These integers are then 15 sequences increases the period of the resultant se- 
written in binary form to create a first string, or se- quence, and provision is made for sender-receiver syn- 
quence, of O's and Vs. To the first string is modulo chronized changes in the two component streams suffi- 
2-added another, second sequence of O's and Ts to pro- ciently often to avoid revealing the period of their conv 
duce still a third sequence of O's and Vs. The third se- bined output. Since this is just an enhanced pseudo-ran- 
quence of O's and Ts is transmitted as the encrypted 20 dom-number stream-modulo 2-added-to-the-plaintext 
message. The sender's object if to make this third string scheme, it will be evident that it does not bear on the 
of O's and l's appear to be a random sequence of digits present invention. ' 

in binary form the intended receiver modulo 2-adds the u s. p a t. No. 4,369,434 pertains to modification of 
second sequence to the third sequence to recover the existing proprietary encryption machines which require 
first sequence. Thereafter, the original plaintext mes- " a secret primary code known to both sender and re- 
sage is derived from the standard alphabet that was ceivef( a tranS mitted synchronizing signal and a ran- 
used, e.g., ITA2, ITA5, ASCII, or EBCDIC. If the dom , y generated aux yiary code which is transmitted in 
second sequence is truly random, an interceptor- deaf ^ choice of mitializing primary co de is 

attacker will be unable to reproduce the first sequence. randomly made ^ its addresS( in a memory commonly 
Thus, the plaintext message is preserved^ 30 ^ sender ^ ^ {$ transmiued m clear The 

There are a number of problems with this scheme: ^ ^ codfis m functionall short ^ subse . 
First, random number strings are a relatively scarce * > a detennined secret scheme . 

commodity. Second the receiver must have at hand j^stem described in U.S. Pat. No. 4,369,434 su- 
exactly the same random number sequence the sender __ . f _ , 

used or must be able to reproduce it Having at hand 35 T J semb }* s ^ ^ * e f resen mventlon * n 

exactly the same random number sequence the sender ? hat the startm S addr l f ss ; f ? r * e . firs ! ^ret pnmary code 
used requires the sharing of an enormous amount of key ! s transmitted as is the initializing integer of the mask- 
material. The sharing of an enormous amount of key m S *pe » the pre sent mventen. In the system de- 
material is impractical. Reproducing exactly the same scnbed » n U S Pat - No. 4,369,434, however, the pn- 
random number sequence the sender used is impossible. 40 codcs ™ st bc chan «« d lf *e message is lengthy. 

To avoid these two difficulties, a pseudo-random In the present invention, the masking tape simply con- 
number generator is commonly employed by both tmues to run for both sender and receiver. Further, the 
sender and receiver. A pseudo-random number genera- present invention requires neither transmission of a 
tor is a deterministic machine which, when initialized synchronizing signal nor transmission of an auxiliary 
by a "seed" number, produces a string of digits which 45 code. In short, the encrypting-decrypting algorithm 
appears to be random (by passing various statistical described in U.S. Pat. No. 4,369,434 is different from 
tests). The output of a pseudo-random number genera- that of the present invention. 

tor is periodic, but the period can be made very long. U.S. Pat. No. 4,638,120 describes a digitalized data 
When sender and receiver use pseudo-random number encryption scheme in which a time-variable random 
generators to produce the second, key, or encrypting 50 number sequence, E, is generated by the sender and 
sequence, they start with a common initializing "seed" transmitted to the receiver. Sender and receiver share a 
and synchronize the outputs of their generators. Start- secret code, S, and a set of identification codes, I«, one 
ing with a common initializing "seed" and synchronic of which is associated with each message M. To encrypt 
ing the outputs of the generators allows a known-plain- * message, the sender forms the concatenated binary 
text attack in which an interceptor-attacker gains access 55 sequence EI m call it Rj. An intermediate sequence, Si, 
to plaintext (hence to its binary digit string equivalent in is formed by adding Rt and S modulo 2, Si=Ri©S, 
terms of some standard numerical alphabet) and to the where S is a secret code shared by sender receiver, 
corresponding ciphenext. Knowing the digits of the Finally, an intrinsic code, R, is formed by ordinarily 
binary plaintext string enables the attacker to reproduce multiplication of the integers S, Si and Rj and reducing 
the corresponding pseudo-random number sequence. 60 the product modulo (2 M — 1). R=SxSiXRi (mod 
This frequently allows the attacker to determine the (2 64 -l)). Since the address of I« is transmitted to the 
algorithm, initializing "seed," and output sequence of receiver, the receiver can reconstruct the intrinsic code 
the system's pseudo-random number generator, thus R. The message, as a binary bit sequence, is added mod- 
"breaking" the code. ulo 2 to the intrinsic key R in binary representation. The 

Gaining access to plaintext and to the corresponding 65 result is the message encryption. To decrypt, the binary 
ciphertext as described above, with its defects, is the sequence R is modulo 2-added to the transmission. For 
intended use of the pseudo-random number generator effective communication, sender and receiver share a 
described in U.S. Pat. No. 2,949,501. U.S. Pat. No. secret code, S, and a commonly indexed set of message 
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identification codes. Required to be transmitted are: the techniques is referred to as hashing access methods." 
encrypted message, the time variable random (or pseu- "A hashing access method is commonly used when the 
do-random) digit sequence, a synchronization signal number of actual keys is a small percentage of the total 
and an address for the identification code. The process number of possible keys/' The scheme of U.S. Pat. No. 
described in U.S. Pat. No. 4,638,120 has no material 5 4,418,275 is claimed to be an improved hashing access 
relationship with the encrypting-decrypting algorithm method. U.S. Pat. No. 4,418,275 has nothing to do with 
or shared information of the present invention. faxa encryption or rendering stored data secure. Hence, 
US. Pat. No. 4,791,669 pertains to a method for error it ^ not hing to do with the present invention. U.S. Pat. 
reduction in the encryption of a randomized digital No. 4,667,301 involves a method of generating pseudo- 
encrypting string, Y, added modulo 2 to a digitalized 10 randoxn numbers. U.S. Pat. No. 4,667,301 has no con- 
plaintext stream. To shorten lengths of garbled portions nect j on ^th encryption-decryption of data (except as 
of a ciphertext string, the message is broken into chunks one ^ ht wish t0 tnis pse udo-random number 
or "frames" with a new construction of the sequence of ^ nmt0T); he nce, it has no connection with the present 
binary encryption bits, Y, in each frame. To do this, bits Invention 
from previous frames are used to call, randomly, out of 15 

memory sequences of bits for Y. Identical machinery SUMMARY OF THE INVENTION 

and memories at the receiver likewise produce succes- To features, and ad- 

sive chunks of Y and permit deewUon by modulo 2 accordance with the purpose of the 

* ddl TJL\ 10 th r C1 £ hCrt £ ^J^L^S ? n tendon as embodied and broadly described herein, a 
remarked that complicating the construction of Y in- 20 i , . . . a 

creases the probability thai equipment error at either «P** WJ" " Provided ^^"f^^^ 

sender or receiver will degrade individual framed por- <* ch <*aracter <* which is coded by a multiplicity of 

tions of the transmission. This may even increase mes- integers of a given lentfh. The numerical synonyms of 

sage degradation overall. The randomizing of the en. each of the plaintext characters are random £ distnb- 

crypting string Y differs from that of the present inven- 25 *ed in the collection of aU integers of length that of the 

tion in that it requires periodic reference to memories numerical synonyms. Numerical synonyms correspond- 

which contain stored integers at specific addresses in- ing to particular plaintext alphabet characters are se- 

stead of a memory which is simply a string of pseudo- lected pseudo-randomly from among the numerical 

randomly selected digits as in the present invention. synonyms associated with each such character. 

Moreover, synchronizing signal transmissions are re- 30 Wherein, the concatenation of numerical synonyms 

quired in the system of the patent, but not in that of the constitutes a plaintext message string integer, corre- 

present invention. Finally, and perhaps most impor- sponding to a plaintext message. A string of consecutive 

tantly, the act of encryption as described in U.S. Pat. digits comprising the output of a pseudo-random num- 

No. 4,79 1,669 involves the familiar addition modulo 2 of ber generator is used to encrypt a plaintext message 

randomized bit string, Y, and digitalized, unencrypted 35 string integer whereby the string of consecutive digits is 

plaintext. As remarked above, this invites known plain- called a masking tape string. The initializing "seed" for 

text attacks. the output of the pseudo-random number generator is 

The following four patents, although included for concealed as a subset (possibly permuted) of the digits 

completeness, have no bearing on the present invention. of an initializing integer to be transmitted with the en- 

U.S. Pat. No. 4,206,315 reveals a method of verifying 40 crypted message. The masking tape string integer is 

signatures appended to a digitalized message transmis- added to the right, with carries to the right, to the plain- 

sion. The signing process requires transmission of sue- text message string integer to form the ciphertext string 

cessive compressed encodings of successive validation integer. Pseudo-random integers of possibly variable 

tables and the existence of an independent verifier. Spe- j engtn m prefixed, suffixed or interspersed among the 

cific cryptosystems are irrelevant except as they are 43 digits of ^ ciphertext string according to prior ar- 

required to fit into the construction of validation tables. ran gements between sender and receiver. Permutations 

Hence, there is no necessary connection between the art m Ued {Q the digits c f successive blocks of digits of 

revealed in U.S. Pat. No. 4,206,315 auid that of the pres- the ciphertext string. A leader integer coded to identify 

ent invention. U.S. Pat. No. 4,326,098 describes the use prcfucs sufflxcs intcrspersions and block permutations 

of a "vault," or verifying structure, through which 50 £ ^ ^ transmitted di ^ t strin betwm the 

users or terminals in a computer network exchange mt ^ d hcrtcxt messagc string> ^ 

Da* Encryption Standard are employed fo? encryp- * ^ d '» on <° ? . s ? cond f mMtan « *** *nng identified by 
tion, although, presumably, other cryptographic 55 a initializing integer, 

schemes could also be used. Since U.S. Pat. No. BRIEF DESCRIPTION OF THE DRAWINGS 
4,326,098 does not reveal any new cryptosystems as _ . . ... . ^ , 

such, it also does not suggest or disclose the present . The accompanying drawings wmch are mcorporated 
invention. U.S. Pat. No. 4,418,275 pertains to a method » *n d constitute a part of the specificaUon illustrate 
of and apparatus for having keys to a data file, as stated 60 preferred embodiments of the invention and together 
therein: "In computerized processing of data it is com- with the general description of the invention given 
mon practice to store like data items as multiple entries above and the detailed description of the preferred 
within a named data file." "A portion of each record, embodiments given below, serve to explain the pnnci- 
referred to as the kay, is used to reference a specific pies of the invention. 

record." "Fundamental to the processing of the data file 65 FIG. 1 is a flow chart illustrating a basic embodiment 
is the search for a data record associated with a specific of the invention associated with the receipt of the first 
key. A number of techniques have been developed plaintext character to be transmitted using the present 
which perform this specific function. A class of these invention; 
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FIG. 2 is a flow chart illustrating a basic embodiment sages. The desired result of course is that the number of 
of the invention associated with receipt of a second and numerical synonyms for a plaintext character is propor- 
subsequent plaintext characters to be transmitted; tional to the frequency of its use in transmitted mes- 

FIG. 3 is a flow chart illustrating a basic embodiment sages, providing greater ambiguity in the ciphertext for 
of the invention associated with the reception and de- 5 frequently used plaintext characters, 
cryption of the encoded message; The result of these two requirements is that the prob- 

FIG. 4 is a flow chart illustrating a preferred embodi- ability of the use of any given numerical synonym is 
ment of the invention in which the initializing integer very small, and that the individual probabilities of use of 
initiates adulteration and permutation of the ciphertext any two numerical synonyms (representing the same or 
string; 10 different plaintext characters) are nearly equal. 

FIG. 5 is a flow chart illustrating a preferred embodi- Further, each pre-image set of each plaintext charac- 
ment of the invention in which the initializing integer ter is to be randomly distributed among the set of inte- 
initiates the undoing of permutations and the removal of gers of length l v iCX'in number. That is, the probability 
adulterations from the ciphertext string; that an integer of length 1, is in t - l (p$), for each p, in the 

The above general description and the following 15 plaintext alphabet is the cardinality of t->(p,) divided 
detailed description are merely illustrative of the ge- by 10'', card t~ 1 (pr))/10 / '. 

neric invention, and additional modes, advantages, and The encryption of a message consisting of a sequence 
particulars of this invention will be readily suggested to of plaintext characters of length m, pi, . . . , p m , begins 
those skilled in the art without departing from the spirit as follows: For the first character, pi, pseudo-randomly 
and scope of the invention. 20 select an element of t~ l (pi)- Henceforth abusing nota- 

„ tion, since t- ! (pi) is, as used above, always really a set 

DETAILED DESCRIPTION OF THE 0 f integers, call the selected integer t~Kp/). It is a nu- 

PREFERRED EMBODIMENTS merical synonym of p/. Successively repeat the process 

Reference will now be made in detail to the present for each of p2 through p m . Concatenating the t— '(p/VS, 
preferred embodiments of the invention. We now de- 25 in order gives us a plaintext message string of digits of 
scribe the invention and indicate how it avoids the prob- length m«lr. This selection of numerical synonyms for 
lems associated with the common encryption method of plaintext characters is by itself, a homophonic substitu- 
adding, modulo 2, a pseudo-random bit string to a digi- tion cipher. 

talized plaintext string. To encrypt the plaintext message string, the sender 

First, a definition is provided of specific terms which 30 selects an initializing "seed" integer to start the output 

are incorporated herein: of a pseudo-random number generator. The sender 

Digits are the first ten non-negative integers, 0, 1, . . reads out the output digits of the pseudo-random num- 

. , 9. A pseudo-random integer is a finite sequence of ber generator to a total of m»l/. 

pseudo-randomly selected digits. All integers are to be Call this retrieved digit string, the masking tape 

regarded as non -negative unless otherwise indicated. 35 string. 

For an integer, n, 1* is the number of digits making up Now the sender adds the plaintext message string (an 
n, Le., the length of n. integer) to the masking tape string (also an integer). 

A masking tape is a sequence of digits output by a Addition starts with the left most, or most significant, 
pseudo-random number generator. The name "masking digit of each (instead of the least significant, or right 
tape" is not purely facetious. A sequence of digits, seri- 40 most, digit of each). Addition is to the right (instead of 
ally accessed, may be regarded as and stored on a tape. to the left) with carries to the right (instead of to the 
The reference to "masking" will be apparent later. left). This '"backwards" addition permits decryption of 

A plaintext alphabet is a set of linguistic characters the message in the order in which the cipher synonyms 
sufficient to generate to-be-encrypted message. It might appear in the plaintext message string. The sum of the 
consist of, say, the English alphabet, common words, 45 plaintext message string and the masking tape string is 
digits, digraphs, acronyms and punctuation marks, for the ciphertext string. 

example. A plaintext alphabet might be represented by The initializing "seed" for the output of the pseudo- 
codes suitable for computer use, such as ASCII or random number generator is concealed in a prearranged 
EBCDIC. (known to sender and receiver) way in an initializing 

A thesaurus, a dictionary of synonyms, is a many- 50 integer. The "seed" may in fact be a prearranged per- 
to-one function, t, from the set of all integers, of com- mutation of a prearranged subset of a pseudo-randomly 
mon length, l v onto a plaintext alphabet, or onto a nu- chosen initializing integer. The initializing integer fol- 
merical coding for a plaintext alphabet. lowed by the ciphertext string is then transmitted to the 

It is desirable, first, to make the cardinality of the receiver. The receiver retrieves the initializing "seed" 
domain of the thesaurus function much larger than that 55 from the initializing integer, supplies it to a pseudo-ran- 
of the range (plaintext alphabet— 128 characters for dom number generator identical to that of the sender 
ASCII and 256 characters for EBCDIC). This permits and recreates the sender's making tape string. Subtract- 
large cardinality pre-images of plaintext characters and ing this "backwards" or to the right from the ciphertext 
makes the probability of randomly selecting a particular string, gives the plaintext message string of digits in 
integer from the pre-image of a particular plaintext 60 successive blocks, t ~ ! (p/), of length 1/. Finding the suc- 
character small. Each integer in the domain of t is a cessi ve images in the thesaurus, t(t- l (pif}=Ph ^ yields the 
numerical synonym for the plaintext character to which string of plaintext characters which constituted the 
it is mapped. original message. 

Second, the cardinality of the pre-image of a range Consider now the advantages of the present system, 
element of a thesaurus should, as a fraction of the cardi- 65 in its simplest form as described above, oyer the summa- 
nality of the domain of the thesaurus, as nearly as possi- tion of a pseudo-random sequence of digits and a stream 
ble, approximate the relative frequency of that range of integers corresponding one-for-one to the characters 
element in the plaintext language of encrypted mes- of a plaintext alphabet. First, since the masking tape 
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string only appears to an eavesdropper as a summand of In order that a ciphertext string not end in a sequence 

the known ciphertext string, reconstructing it depends of zeros, thus limiting the number of ways in which it 

upon knowing the plaintext message string. Since, for a can be decomposed into a masking tape string and a 

given encrypted message, there will be many equally plaintext message string, extraneous digits other than 

probably possible plaintext message strings, there will 5 zero may be added at the end of the ciphertext string 

be as many equally probable possible masking tape and recognized by the receiver as such as indicated 

strings. In short, the plaintext message string "masks* 1 above. If the ciphertext string is a permuted (or per- 

the masking tape string. muted and adulterated) ciphertext string, this may not 

Conversely, the masking tape string conceals the be necessary, 

choices of the numerical synonyms in the plaintext mes- 10 ] n the invention disclosed in application Ser. No. 

sage string, since each of many equally probably mask- 07/377,936, now U.S. Pat. No. 5,113,444, of which the 

ing tape strings is associated with a corresponding plain- present invention is a further development, an extensive 

text message string. The masking tape string "masks" masking tape of random digits was used to generate 

the plaintext message string. This latter function is the masking tape strings. In situations in which it is imprac- 

only masking commonly employed. 15 t ical to share a very long collection of random digits, 

To confuse attackers about the length of the message, sender and receiver may employ the method of the 

sender and receiver can conceal the beginning and end- p res ent invention, sharing, instead, identical pseudo- 

ing of the actual ciphertext string by the use of prefix ran dom number generators to generate the masking 

and suffix pseudo-random integers, of agreed-upon Upe string ^ by concealing, for each mes- 

length, transmitted preceding and following the actual 20 ^ initialing "seed" integer, which determines 

ciphertext string. This might be done in such a way as to the output of the generators, in an initializing 

keep the transmitted digit string from having length a intcger which r epi aces the suiting integer of the system 

multiple of l r . as previously described in the parent invention. For 

Further to confuse an attacker about the true nature example, if the initializing seed integer were concealed 

of the ciphertext string, sender and receiver might also 25 ^ ^ eed . u ^ n permutation often digits, it could be 

adulterate the ciphertext string by using interspersed one of approxin)ately 10 m possibilities in a 30-digit 

pseudo-random integers not necessarily of length l v initializi ^ ^ > L09x 10 w. ) 

between selected pairs of numerical synonyms in the Chfm $ng th 6 e M MXiniig seed with each message 

plaintext message string. Placement of the integers *^ ^ xt &mck$ $m a 

might be varied, from message to new by «co- 30 succeed were ft 

sive selections from a list, by notfor a second unique feature of the present invention: 
tiatong mteger or by some function i P^o- The plaintext message string integer, consisting as it 

random integer ^^J^STS^Zi 2? does ° f a of randoiily occurring imeg£ cod- 
the insertion schemes, the receiver, but not an attacker, , . *j * 4 . o f b ., J* , 

would be able to edit them out of transmitted and re- 35 m & o{pi ^™^'t"***Z£ 5 **? t ^" 
. ing tape out of the pseudo-random number generators. 

^Td^^liuig with prefixed or suffixed pseudo- ™* initializing integer may serve other jjuc^ « 
random integers or with interspersed pseudo-random "ell, namely, determining prefixed, suffixed and inter- 
integers is an adulterated cipherLt string. ""egers as well as block permutations of d^ts. 

What has been described so far is a stream cipher in 40 Additionally an initializing integer could contain 
which the ciphertext string of digits decrypts to the numerically coded instructions for ^ «mg *ic : numen- 
plaintext message. There is nothing to prevent permuta- synonym output of the thesaurus in at least two 

iionsofsuccessiveblocksofdigits(orofzerosandones wayi: first by permuting the digits of the : numerical 
for digits in binary form), followed by transmission of synonym selected for each plaintext alphabet character, 
the string of permuted blocks. These blocks may be of 45 *>d second, by shifting each numerical synonym by a 
fixed or variable length as long as they, and the order of common fixed added mteger (modulo the value of the 
their application, are known to both sender and re- numerically largest numerical synonym). Undoing the 
ceiver; They may be obtained by cycling through a list digit permutations and removing the added- shift 
known to sender and receiver or obtained as a function would be accomplished by the receiving unit based 
of the initializing integer. A (an adulterated) ciphertext 50 upon instructions contained in the mitiahzmg integer, 
string subjected to block permutations prior to transmis- These functions, sending and receiving could be han- 
sion is a purmuted (adulterated) ciphertext string. <«ed in the central processing units of FIGS. 1-5, as 

The receiver, knowing which succession of permuta- described below, 
tions has been applied, knows which succession of in- The use of memory cards ("IC cards ), which store 
verse permutations to apply, restoring the ciphertext 55 programs and data on computer chips, suggests an au- 
string. Using permutations of digit blocks of length thentication scheme, which is suitable for securing ac- 
greater than 1/ will mtermingle digits arising from dif- cess to confidential computer networks and their stor- 
ferent numerical synonyms, further confusing attackers. age files: A memory card stores the processor's account 

Naturally, the last permutation of ciphertext digits number, a brief masking tape and the algorithm for 
may require adding digits to the transmission. Deter- 60 computing the function value, f(xi, . . . , x n ), for some 
mining how many digits are extraneous after the se- function of n digits, xi, . . . , x„, possibly utilized in 
quence of inverse permutations has been applied is blocks. For example, the xi, . . . , x„ might be divided 
solved by having the sender "sign" the message by into blocks, all but the last of which provide the abso- 
sending an encrypted signature (one of many suppos- lute values of the coefficients of a polynomial form, 
edly known only to the receiver-sender pair). When the 65 while the last provides the value of the variable of the 
receiver comes to the end of the decrypted signature or polynomial. A verifier or "guardian" of the information 
pass code, he regards all subsequent digits as extraneous stores each of these short masking tape and functional 
and ignores them. algorithm pairs, indexed by users* account numbers. 
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When a memory card is presented to the memory car message, This numerical synonym goes, via the link 8, 

reader— a simple computer linked to the verifier com- to the Adder/Subtracter where it is added to the corre- 

puter— for entry to the system, the verifier calls up the sponding, second, piece of masking tape. Provision is 

masking tape and algorithm corresponding to the card's made of course for any carryover from the first such 

account number and generates a pseudo-random start- 5 sum for the first plaintext character. This second sum- 

ing integer which is sent to the memory card reader. mation then also goes off, via the link 9, for transmission 

The starting integer locates a string, di, . . . , d„, of n as part of the ciphertext string, 

consecutive digits in the masking tape of the memory Third and subsequent plaintext characters are han- 

card, which the memory card reader uses to calculate died correspondingly until the completed cryptogram 

f(di, . . . , d n ) from the card's stored algorithm. This 10 has been transmitted. 

number, f(di, . . . , d n ) is transmitted back to the verifier, pjo. 3^3 flow chart illustrating a basic embodiment 
which has made the same calculation based on the value 0 f tne invention associated with the reception and de- 
of the starting integer. If the two function values agree, cryption of the encoded message. Upon receipt of the 
the possessor of the memory card, is free to enter into initializing integer of a cryptogram from the Receiving 
the system. 15 Means (radio receiver, etc.) via a link 10, the CPU corn- 
According to an Associated Press release of Sep. 14, mim icates via a link 11 to the PRNG, identical to the 
1991, as reported in the Houston Chronicle, memory one used by the writer, the value of the initializing 
cards with four megabytes of capacity will be available . <seecr extracted from the initializing integer. The 
by the end of 1991, and it is expected that they will have pRNG then starts generat i n g the sequence of masking 
a capacity of 40 megabytes in four years. 20 ^ ^ by the m m% via the 

FIG. 1 is a flow chart Ulustrating a basic embodiment ^ n tQ ^ Adder/Subtracter, 

of the invention associated with the receipt of the first ^ Add er/Subtracter receives the ciphertext string 

plaintext character to be transmitted using the present (minus ^ mt ^ from ^ CPU via B link 

invention. The first plaintext character of a message to u subtracts ^ maskin stfin lied b the 

™f 5? te ^ 1 inpUtt ° l he J ^/TT*^ 'k 25 PRNG and sends the resulting sequence of numerical 

CPU. The CPU activates he ^o-Random Number via Thesaurus. 

Generator, PRNG, via a hnk 1. The PRNG generates sequentially looks up the numerically 

the miufzing ^integer j/^ ^^^^ » coded equivalents of the plaintext message characters 
mits to the CPU via a link 2. The CPU stores the initial- J , . . F 1K , rpi , 
izing integer for the duration of the message and ex- 30 * thes f via a J?* l * l ° lh f The CPU 
tracts an initializing -seed" from the initializing integer con ; erts the integer ccdings to plaintext characters and 
which it transmits back to the PRNG via a link 3. The ™ a lmk 16 the messa S e om t0 a 
PRNG takes the initializing "seed" and uses it to gener- pr 2i5T' . „ - „ . c * u j- 
ate a pseudo-random string of digits of length 1, for ™> * " a flow cha * ^ustrattnga preferred embodi- 
submission via a link 4 to the Adder/Subtracter. The 35 ment of the invention in which the initializing integer 
initializing integer is also transmitted via a Hnk 5 to the initiates adulteration and permutation of the ciphertext 
Transmitting Means (radio transmitter, wire link, etc.) st ™S; A preferred embodiment as lUustrated in FIG. 4 
and is transmitted as the first digit substring of the cryp- * ^f 11 * to that described with reference to 
toeram FIGS. 1 and 2. However, in this embodiment, provision 
The CPU via the link 1 next causes the PRNG to send 40 *» * adc *» transmission of an adulterated (by prefix 
a pseudo-random integer to the Thesaurus via a link 6. suffix and interspersed pseudo-random integer) and 
The Thesaurus, in a natural embodiment, looks up the permuted (by permutations of blocks of digits) cipher- 
first numerical synonym greater (or lesser or nearest) text string. In this embodiment, the initializing integer is 
than the pseudo-random integer, input via the link 6, «sed to select places for and lengths of interspersed 
which corresponds to the numerically coded first plain- 45 pseudo-random integers and the choice of the sequence 
text character input from a link 7. It sends this Humeri- of integer block permutations. These two initializing 
cal synonym via a link 8 to the Adder/Subtracter. The integer-based selection processes must, of course, be 
Adder/Subtracter adds the first numerical synonym to shared by sender and receiver, most readily perhaps, in 
the first masking tape substring of length 1/ and sends it respective CPU's. 

off for transmission via a link 9 to the Transmitting 50 t^s embodiment, an Intersperser receives the im- 

Means, following the initializing integer. tial ciphertext stream via a link 17 from the Adder/Sub- 

FIG. 2 is a flow chart illustrating a basic embodiment tracter. The ciphertext string is interrupted by the In- 
of the invention associated with receipt of a second and tersperser by instructions from the CPU carried by a 
subsequent plaintext characters to be transmitted. In 1"^ 18- The g a P s are filled by pseudo-random integers 
FIG. 2, the second plaintext message character is con- 55 received via a link 19 from the PRNG. The CPU in- 
verted to a numerical equivalent in the CPU and this structs the PRNG, via the link 1, to send these pseudo- 
integer is sent via the link 7 to the Thesaurus. The CPU random integers to the Intersperser. 
also instructs the PRNG to produce its next succeeding From the Intersperser via a link 20 the adulterated 
masking tape substring of length 1/and to transmit it via ciphertext string is conveyed to the Block Permuter 
the link 4 to the Adder/Subtracter. Meanwhile, again 60 where a sequence of digit-block permutations is applied 
via the link I, the CPU has also instructed the PRNG to successive blocks of ciphertext digits upon instruc- 
via the link 6 to send another pseudo-randomly integer tions by the CPU conveyed to the Block Permuter via 
to the Thesaurus. the link 21. 

As with the first plaintext character, the Thesaurus The CPU, having kept track of the length of the 
takes the second pseudo-random integer and looks up 65 adulterated ciphertext string, instructs the PRNG via 

the first numerical synonym greater (or lesser, etc.) than the link I to send, via a link 22, sufficient pseudo-ran- 

this pseudo-random integer, which numerical synonym dom digits to permit the application of the last indicated 

corresponds to the second plaintext character of the block permutation. 
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Finally, the adulterated permuted ciphertext string synonyms corresponding to that plaintext alpha- 
falls in behind the initializing integer and is sent, via the bet character; 

link 9, to the Transmission Means for transmission to a (b) a concatenation of the numerical synonyms com- 

receiver. prising a plaintext message string integer corre- 

FIG. 5 is a flow chart illustrating a preferred embodi- 5 sponding to a plaintext message; and 

ment of the invention in which the initializing integer (c) a masking tape string comprising a pseudo-ran- 

initiates the undoing of permutations and the removal of dora sequence of digits, generated by an initializing 

adulterations from the ciphertext string. The reception- seed, a new initializing seed for each cryptogram 

decrypting process of this preferred embodiment is and the initializing seed concealed as a subset of the 

identical to that of FIG. 3, except that further provision 10 digits of an initializing integer, and added to the 

must be made for unscrambling the permuted digit plaintext message string to form a ciphertext string, 

blocks and removing the adulterating integers before 2 - A ci P her s y stem for cryptographic use, as defined 

the ciphertext is fed to the Adder/Subtracter. m claim *» » which the initializing seed for generating 

Upon receiving the cryptogram, beginning with the the pseudo-random sequence of digits is concealed in an 

initializing integer, from the Receiving Means via the 15 initializing integer transmitted with the encrypted mes- 

link 10, the CPU transmits the adulterated permuted . , , , . • , „ , 

ciphertext string via a link 23 to the Block Permuter. . 3 * cipher system for cryptographic use, as defined 

Using the initializing integer, the CPU sends instruc » <*™ 2 > » which the initializing integer is coded to 

lions by a link 24 to the Block Permuter, causing ti to _ ldcntlf y suf ** cs ' "^persions and block per- 

applytheinversesofthesequenceofdigit-blockpennu- 20 *utaUons m the ciphertext message string, 

tations to the received ciphertext string. The r£uh is . 4 * A cl P her j° T cryptographic use. as defined 

the unpermuted, but still adulterated, ciphertext string ! n <*™ 2 ' m ^ ch the tmuahzing integer is coded to 

which is sent via a link 25 to the Intersperser to delete ^ft^ 

. r-jrt-jj-. j j **— and additions of a common Fixed integer to the numen- 

the prefixed suffixed and interspersed random integers. 25 Qf m ^ . 

By link a 26 the CPU instructs the Intersperser to de- $ \ ^ ^ fQr t * hic ule, as defined 

lete the prefixed, suffixed and ^interspersed random inte- m ^ £ fa w ^ ch fl ^/^^ coded t0 identify 

gers. The now unadulterated, unpermuted ciphertext f ^ interspersions and block permutations, 

SX ^ l$ ™™ ye ?*Z a lmk ? 7t0tl i e A ^l r/S f\ ra f e '* *» inserted into the transmitted digit string between the 

™^Y^ nd / thC mitia ? ,zmg seed by ^ hnk " 30 initializing integer and the ciphertext message string, 

to the PRNG and initiates the transmission of the mask- 6 A cj her s tcm for crvptographic USCt as defined 

mg tape string to the Adder/Subtracter by the link 12. m claim j in which tnc masking tope ^ fetc is 

The Adder/Subtracter subtracts the masking tape add ed to the right, with carries to the right, to the plain- 

stnng from the ciphertext string, revealing the plaintext text message string mtege r to form the ciphertext string 

message string. 35 j nte ger. 

The plaintext message string goes by the link 14 to the T A cipher system for cryptographic use, as defined 

Thesaurus where the sequence of numerical synonyms ^ daim lt m which pse udo-randoro integers, of possibly 

is converted to a sequence of integers numerically cod- variable length, are prefixed, suffixed or interspersed 

ing the sequence of plaintext alphabet characters. This among tne digits of the ciphertext string according to 

is sent by the link 15 to the CPU for conversion to the 40 pr i or arrangements between sender and receiver, 

original plaintext message, which is output by the link g A cipncr system f or cryptographic use, as defined 

16- in claim 1, in which permutations are applied to the 

A simple way of further encrypting a permuted and- digits of successive blocks of digits of the ciphertext 

/or adulterated ciphertext string would be to add an- string. 

other masking tape string to the permuted, adulterated 45 9, a cipher system for cryptographic use, as defined 
ciphertext string prior to transmission— using, of m claim 1, in which a leader integer, coded to identify 
course, a second initializing integer. prefixes, suffixes, interspersions and block permutations, 
I claim: is inserted into the transmitted digit string between the 
1. A cipher system for use by a sender and a receiver initializing integer and the ciphertext message string, 
to generate cryptograms, the system comprising: 50 10, A cipher system for cryptographic use, as defined 
(a) a plaintext alphabet, each character of which is m claim 1, in which the initializing integer-ciphertext 
coded by a collection of numerical synonyms com- string is superencrypted by addition to a second mask- 
prising non-negative integers of a common fixed ing tape string identified by a second initializing integer, 
length such that: 11. A cipher system for cryptographic use, as defined 
(i) the fraction, of all the numerical synonyms, for 55 in claim 1, in which a memory card containing a user 
all the plaintext alphabet characters, correspond- number, a masking tape and functional algorithm is used 
ing to a given plaintext alphabet character is to gain accesses to a secure network, 
substantially equal to the relative frequency of 12. A cipher system for cryptographic use, as defined 
use of that plaintext alphabet character in con- in claim 1, in which a memory card containing a user 
structing meaningful plaintext messages; 60 number, a pseudo-random number generator and a 
(ti) the numerical synonyms for each plaintext al- functional algorithm is used to gain access to a secure 
phabet character are randomly distributed in the network. 

collection of all non-negative integers, in their 13. A cryptographic method for generating crypto- 

natural ordering, which have the common fixed grams comprising the steps of: 

length of the numerical synonyms; and 65 (a) generating a plaintext alphabet each character of 

(iii) the choice of a numerical synonym to represent which is coded by a collection of numerical syn- 

a plaintext alphabet character is pseudo-ran- onyms comprising non-negative integers of a com- 

domly made from the collection of numerical mon fixed length such that: 
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(i) the fraction, of all the numerical synonyms, for tions of a common fixed integer to the numerical syn- 
all the plaintext alphabet characters, correspond- onyms of a plaintext message string integer. 

ing to a given plaintext alphabet character is 17. A cryptographic method, as defined in claim 13, 
substantially equal to the relative frequency of in which a leader integer, coded to identify prefixes, 
use of that plaintext alphabet character in con- 5 suffixes, interspersions, and block permutations, is in- 
structing meaningful plaintext messages; serted into the transmitted digit string between the ini- 

(ii) the numerical synonyms for each plaintext al- tializing integer and the ciphertext message string, 
phabet character are randomly distributed in the 18. A cryptographic method, as defined in claim 13, 
collection of all non-negative integers, in their in which the masking tape string integer is added to the 
natural ordering, which have the common fixed 10 right, with carries to the right, to the plaintext message 
length of the numerical synonyms; and string integer to form the ciphertext string integer. 

(iii) the choice of a numerical synonym to represent 19. A cryptographic method, as defined in claim 13, 
a plaintext alphabet character is pseudo-ran- in which pseudo-random integers, of possibly variable 
domly made from the collection of numerical length, are prefixed, suffixed or interspersed among the 
synonyms corresponding to that plaintext alpha- 15 digits of the ciphertext string according to prior ar- 
bet character; rangements between sender and receiver. 

(b) concatenating the numerical synonyms, compris- 20. A cryptographic method, as defined in claim 13, 
ing a plaintext message string integer correspond- in which permutations are applied to the digits of sue- 
ing to a plaintext message; and cessive blocks of digits of the ciphertext string. 

(c) forming a masking tape string, comprising a pseu- 20 21. A cryptographic method, as defined in claim 13, 
do-random sequence of digits, generated by an in which a leader integer, coded to identify prefixes, 
initializing seed, a new initializing seed for each suffixes, interspersions, and block permutations, is in- 
cryptogram and the initializing seed concealed as a serted into the transmitted digit string between the start- 
subset of the digits of an initializing integer, and ing integer and the ciphertext message string. 

added to the plaintext message string to form a 25 22. A cryptographic method, as defined in claim 13, 

ciphertext string. in which the initializing integer-ciphertext string is su- 

14. A cryptographic method, as defined in claim 13, perencrypted by addition to a second masking tape 
in which the initializing seed for generating the pseudo- string identified by a second initialing integer, 
random sequence of digits is concealed in an initializing 23. A cryptographic method, as defined in claim 13, 
integer transmitted with the encrypted message. 30 in which a memory card containing a user number, a 

15. A cryptographic method, as defined in claim 14, masking tape and a functional algorithm is sued to gain 
in which the initializing integer is coded to identify access to a secure network. 

prefixes, suffixes, interspersions and block permutations 24. A cryptographic method, as defined in claim 13, 

in the ciphertext message string. in which a memory card containing a user number, a 

16. A cryptographic method, as defined in claim 14, 35 pseudo-random number generator and a functional al- 
in which the initializing integer is coded to identify gorithm is used to gain access to a secure network, 
permutations of digits of numerical synonyms and addi- * * * 
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